Lucene search
K

48 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-5021

Malware in sbrugna...

2.1CVSS5.7AI score0.00387EPSS
Exploits0References28
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-2305

Malware in sbrugna...

7.8CVSS7.7AI score0.00294EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-1860

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01105EPSS
Exploits0References3
OSV
OSV
added 2022/04/23 12:40 a.m.23 views

GHSA-WQ8G-HM94-5RQQ JBoss AS may expose root content if excluded-contexts list is mismatched

JBoss AS 7 prior to 7.1.1 and modcluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed...

7.5CVSS7.5AI score0.01105EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/04/23 12:40 a.m.27 views

JBoss AS may expose root content if excluded-contexts list is mismatched

JBoss AS 7 prior to 7.1.1 and modcluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed...

7.5CVSS1AI score0.01105EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2020/03/10 5:15 p.m.24 views

CVE-2012-1094

JBoss AS 7 prior to 7.1.1 and modcluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed...

7.5CVSS7.5AI score0.01105EPSS
Exploits0References2
Prion
Prion
added 2020/03/10 5:15 p.m.18 views

Design/Logic Flaw

JBoss AS 7 prior to 7.1.1 and modcluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed...

5CVSS7AI score0.01105EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/03/10 4:19 p.m.22 views

CVE-2012-1094

JBoss AS 7 prior to 7.1.1 and modcluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed...

7.5AI score0.01105EPSS
Exploits0References2
CVE
CVE
added 2020/03/10 4:19 p.m.65 views

CVE-2012-1094

Summary: CVE-2012-1094 affects Red Hat/JBoss AS 7 before 7.1.1 with mod_cluster. The issue arises from how a default hostname is handled, causing the excluded-contexts list to be mismatched and the root context to be exposed. Affected software: JBoss Application Server 7.x up to 7.1.0 (and mod_cl...

7.5CVSS7.4AI score0.01105EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/01/06 12:0 a.m.4 views

Red Hat JBoss EAP and JBoss Application Server Privilege Vulnerability

Red Hat JBoss Application Server is a U.S. Red Hat Red Hat company based on Java EE open source application server. The product has a startup ultra-fast , lightweight , modular design , hot and parallel deployment , simple management , domain management and the first class components and other...

7.8CVSS7.4AI score0.00294EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2019/12/18 6:15 p.m.39 views

CVE-2012-2312

An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated...

7.8CVSS7.1AI score0.00294EPSS
Exploits0References2
Prion
Prion
added 2019/12/18 6:15 p.m.19 views

Input validation

An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated...

4.6CVSS6.8AI score0.00294EPSS
Exploits0References3Affected Software2
CVE
CVE
added 2019/12/18 5:47 p.m.61 views

CVE-2012-2312

CVE-2012-2312 affects JBoss AS 7 Community Release. The issue arises from improper security context propagation: a thread-pool-reused security context may retain the previous process’s context, enabling a local user to obtain elevated privileges. The connected documents corroborate the elevated-p...

7.8CVSS7.4AI score0.00294EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2019/12/18 5:47 p.m.27 views

CVE-2012-2312

An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated...

7.5AI score0.00294EPSS
Exploits0References3
NVD
NVD
added 2019/12/06 6:15 p.m.22 views

CVE-2012-2148

An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies...

3.3CVSS4AI score0.00318EPSS
Exploits0References3
CVE
CVE
added 2019/12/06 5:35 p.m.132 views

CVE-2012-2148

Technical details (affected product/version, root cause, impact, or mitigations) are not publicly available in the provided documents. Monitor for updates to official advisories and vendor notices.

3.3CVSS4.3AI score0.00318EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/12/06 5:35 p.m.29 views

CVE-2012-2148

An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies...

4AI score0.00318EPSS
Exploits0References3
NVD
NVD
added 2019/11/26 2:15 a.m.15 views

CVE-2011-3606

A DOM based cross-site scripting flaw was found in the JBoss Application Server 7 before 7.1.0 Beta 1 administration console. A remote attacker could provide a specially-crafted web page and trick the valid JBoss AS user, with the administrator privilege, to visit it, which would lead into the DO...

5.4CVSS5.4AI score0.01053EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2019/11/26 2:15 a.m.22 views

CVE-2011-3606

A DOM based cross-site scripting flaw was found in the JBoss Application Server 7 before 7.1.0 Beta 1 administration console. A remote attacker could provide a specially-crafted web page and trick the valid JBoss AS user, with the administrator privilege, to visit it, which would lead into the DO...

5.4CVSS6.1AI score0.01053EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2019/07/12 12:0 a.m.148 views

Red Hat JBoss Application Server (AS) Console and Web Management Misconfiguration Vulnerability - Active Check

The default configuration of Red Hat JBoss Application Server AS does not restrict access to the console and web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests. SPDX-FileCopyrightText: 2019 Greenbone AG Some text...

7.5CVSS6.9AI score0.81832EPSS
Exploits5References2
Rows per page
Query Builder